This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.



Security as of version 4.0


Hi Tom,

I had a closer look at libgcj's code since the release of GCC 4.0.

The first big flaws that are found are:

- SecurityManager.checkPermission() does not call
AccessController.checkPermission() (it is commented out)

- AccessController.getContext() generates a dummy context with empty
ProtectionDomains instead of walking through the call stack.

- The AccessController.doPrivileged() set of methods looks like stubs.

There is an open bug in bugzilla: nr 13604 about the context not being
generated.

This means there are no security checks done at all, even though all the
rest (java.security.Policy, java.security.Security...) seems to be
implemented OK.

Is the signature/certificate of jars taken into account when loading a
jar?

Minor fixes should bring libgcj close to the Java 2 security model.

This is encouraging.
-- 
Stéphane Konstantaropoulos
- Research Student, Computer Science
-- University of York, http://www-users.cs.york.ac.uk/~stephane

Attachment: signature.asc
Description: This is a digitally signed message part
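
A conformance probe for the three behaviours listed in the message above, as an added example that is not part of the original post and not libgcj code: it runs each check under a context that grants nothing and reports whether the runtime refuses it. It assumes a runtime that still implements the Java 2 security model (for example JDK 8 to 17; later JDKs removed the model, so the result there says nothing); the class name, the permission name and the NO_PERMS context are constructed for illustration.

```java
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permission;
import java.security.Permissions;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;

public class SecurityModelProbe {
    // Constructed permission name; nothing is expected to grant it.
    static final Permission PROBE = new RuntimePermission("probe.constructed");

    // Context whose single domain carries an empty, static permission set, so a
    // conforming runtime denies the probe whatever the policy file grants.
    static final AccessControlContext NO_PERMS = new AccessControlContext(
        new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });

    /** Runs the check under NO_PERMS; true means the runtime refused it. */
    static boolean denied(Runnable check) {
        try {
            AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                check.run();
                return null;
            }, NO_PERMS);
            return false; // check passed although no permission was granted
        } catch (SecurityException e) { // AccessControlException is a subclass
            return true;
        }
    }

    public static void main(String[] args) {
        SecurityManager sm = new SecurityManager(); // not installed, only called
        // 1. SecurityManager.checkPermission() must delegate to AccessController.
        boolean viaManager = denied(() -> sm.checkPermission(PROBE));
        // 2. getContext() must reflect the restricted context, not a dummy one.
        boolean viaContext =
            denied(() -> AccessController.getContext().checkPermission(PROBE));
        // 3. doPrivileged(action, context) must bound the check by NO_PERMS.
        boolean viaController = denied(() -> AccessController.checkPermission(PROBE));

        System.out.println("SecurityManager.checkPermission denied:  " + viaManager);
        System.out.println("AccessController.getContext denied:      " + viaContext);
        System.out.println("AccessController.checkPermission denied: " + viaController);
        // Non-zero exit if any path let the ungranted permission through.
        System.exit(viaManager && viaContext && viaController ? 0 : 1);
    }
}
```

A `false` on any line means that path let an ungranted permission through, which is the symptom the message describes.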

